Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: Looking for some packets going to tcp/8520 - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Looking for some packets going to tcp/8520

One of our readers has come across traffic leaving the network with a destination of CN and a destination port of tcp 8520.  

If you are seeing the same I'd like to know, even better if you have a capture of the traffic including the payload that would be great. 

Cheers

Mark H 

Mark

391 Posts
ISC Handler
Do you have IP ranges? I can search on tcp port, but not CN
John

88 Posts
61.131/16 should get you something. Unfortunately not able to provide a closer range. - MH
Mark

391 Posts
ISC Handler
123.x.x.x generally - but 121.x.x.x through 125.x.x.x should be asia-pacific
Mark
6 Posts
Found this on Speednet:

http://www.speedguide.net/port.php?port=8520

netsec_ct

1 Posts
This is not 2-way traffic? There is a callback of a specific group's RAT associated with that port.
Anonymous
Didn't find anything--I guess that's good
John

88 Posts

Sign Up for Free or Log In to start participating in the conversation!